The 389 Directory Server project has announced new releases of versions 2.0.3, 1.4.4.13, and 1.4.3.20. From the release announcements, it looks like some of the changes in these versions are:

• Fixed an issue that could disclose the existence of an entry when trying to bind as that user with no password (versions 2.0.3 and 1.4.4.13)
• Fixed a number of memory management issues (version 2.0.3)
• Fixed an issue that could cause the server to crash on 64-bit ARM systems (all three versions)
• Fixed an issue that could prevent the server from starting if configured with a TLS certificate that does not use the expected nickname (all three versions)
• Fix an issue that could cause the server to choose the wrong operation when replaying replicated changes (version 2.0.3)
• Fixed an issue that could leave the database in a broken state after a failed re-indexing attempt (version 2.0.3)
• Improved dsconf root DN access control validation (version 2.0.3)
• Fix an issue affecting the server when running on big endian systems (version 2.0.3)
• Improved support for migration from OpenLDAP (versions 2.0.3 and 1.4.4.13)
• Log a message when a client attempts to perform too many concurrent operations (version 2.0.3)
• Improve entry cache access performance (version 2.0.3)